#27587: str(QuerySet.query) should be documented
--------------------------------+--------------------------------------
Reporter: Peter Inglesby | Owner: nobody
Type: Uncategorized | Status: new
Component: Documentation | Version: 1.10
Severity: Normal | Resolution:
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
--------------------------------+--------------------------------------
Comment (by Aymeric Augustin):
Regarding the limitations, I don't think we should accept the current
status quo as the best we can do:
1. if it's reasonably easy to perform the escaping correctly, typically
just by escaping arguments with a function provided by the database
adapter prior to interpolation, then Django should do it.
2. if there's no function for escaping arguments, but a well documented
and not too complicated process do to so (replace " by "" then wrap in
"...") then we should consider doing it as well
3. if the escaping rules are unclear and there's no way to ask the
database to do it, then we should return something that is *obviously*
invalid, like QUERY = ... ; PARAMS = ...
I did that some time ago for `last_executed_query`. SQLite stayed at 3 for
half a decade before moving to 2.
I believe the same logic should apply to QuerySet.query and similar
methods.
--
Ticket URL: <https://code.djangoproject.com/ticket/27587#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/065.756c6b40b4fefd22bd3dc24c90563a68%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
